
Alyssa Rose COMP-116: Computer System Security 13-December-2019

Starting from Stuxnet: The Development of the US-Iranian Cyberwar

Iran and the United States have been engaged in a cyberwar since the release of Stuxnet in 2010, a worm written by the United States and Israel that targeted the Natanz nuclear plant in Iran. Attacks from the Iranian side have been led mainly by APT33, a prominent Iranian cyber fighter group going by a multitude of aliases, while the United States’ strikes have acted as retaliations against Iranian aggression as a means of committing damage without human casualty. The attacks by APT33 have been propelled mainly by password spraying and spear phishing, which have allowed them to infect target systems with malware such as SHAPESHIFT and backdoors like TURNEDUP. As tension continues to escalate between the United States and Iran, there has been a drastic increase in such spear phishing and password spraying attacks by Iran, indicating that the groundwork for another Shamoon-level attack is being laid. Analysis of this conflict allows for greater understanding of warfare in the digital era, and of the cyber tactics employed by both sides, whether they be classic or novel Black Hat methods.

Tension between the United States and Iran has manifested itself countless times in the form of orchestrated coups ("US-Iran Relations: A Brief History"), hostage situations, and the shooting down of planes and drones. However, the recent strained relationship between Iran and the United States has yet to develop into a full-scale declaration of war, or at least one that is guided by the traditional rules of engagement. Under the surface, a cyberwar has been thriving since it was first waged in 2010 upon the release of Stuxnet (Zetter). As the first of its kind, this conflict, in its formation and unraveling, lays the foundation for how cyberwarfare is enacted. Unbeknownst to most and unclear to many, there are few restrictions on the retaliations of the two forces, and the attacks evolve at a rate faster than any wartime tactics and lines of defense. This paper will delve into the technical and political repercussions of the US-Iranian cyberwar, including an analysis of Stuxnet (the first digital weapon that informally declared war), other cyber tactics used, and what it means for the future of wartime politics.

Analysis of this conflict is crucial to the general cybersecurity and political communities for two reasons. First and foremost, this conflict is establishing the foundation for a new form of warfare. The consequences of such cyberattacks do not manifest themselves in the standard tangible forms of most traditional wartime offenses, nor is attribution entirely possible. This has led to two results: the conflict is largely unknown to the general public, and there are zero guidelines for rules of engagement. Thus, the tactics and attacks used by the United States and Iran are limited more by the technical capabilities of each respective force and less by the military budgets of each, which have traditionally been the predictor of the ‘winner’ of the war. Secondly, the concentration of resources into the offenses and defenses results in the side effect of progress in the field. New malware and attacks will eventually find their way to the greater community (as seen in the ease of spread that Stuxnet thrived on), which provides new material and concepts for use and adaptation by Black Hat hackers. Equally, the line of defense against such cyberattacks will attempt to scale linearly or exponentially. This provides an environment for innovation in proactive security, which becomes more necessary as the creativity of the attacks grows. Consequently, the success of the war efforts is contingent on quality, rather than quantity.

Beginning in January of 2010, the nuclear plant located in Natanz, Iran began to experience unprecedented failure of the centrifuges responsible for the enrichment of uranium gas, as the centrifuges would spin too quickly, resulting in self-destruction. As centrifuge failure occurred, the source of the issue was finally discovered by security specialists in Belarus: malware that targeted supervisory control and data acquisition (SCADA) systems that were manufactured by Siemens (specifically, Siemens Step7 software). The malware was able to gain control of the machinery, allowing for control of the industrial programmable logic controllers. Despite the age of the attack, Stuxnet was the unofficial declaration of cyberwar between the US and Iran, a conflict that has not slowed since.

After the launch of Stuxnet, Iranian forces began their own attacks, starting with ‘Operation Ababil’, led by members of Izz Ad-Din Al Qassam (also known as the Qassam Cyber Fighters), which targeted various American banks through the use of distributed denial of service (DDoS) attacks. These were standard DDoS attacks with the added tactic of flooding the banks’ websites with encryption requests (Perlroth and Hardy). Despite the continuing issue of attribution, the main perpetrator on the Iranian side is a group known as APT33 (also known as Refined Kitten, Elfin, Holmium, Magnallium) that has been active since 2013. The focus of APT33 resides mainly in the aviation and energy sectors ("APT33, Elfin"), with spear phishing attacks targeting employees in the aviation sector in 2016. The spear phishing was conducted via links to malicious HTML application files (.hta) (O'Leary et al.) that allowed for the downloading of an APT33 backdoor. Such spear phishing attacks again appeared in June of 2019, targeting US national labs and the Department of Energy (Greenberg). Additionally, APT33 has continued to use password-spraying techniques throughout all of 2019, targeting manufacturers, suppliers, and maintainers of industrial control systems, as reported by Microsoft (Greenberg). In October of 2019, the Microsoft Threat Intelligence Center (MSTIC) reported attempts to access and attack around 241 email accounts associated with the U.S. presidential campaign, government officials, journalists, and Iranian citizens living outside of Iran (Burt). Although the attacks were attributed to an unknown group (dubbed ‘Phosphorus’ by Microsoft) originating from Iran, APT33 has been considered the likeliest actor.

Despite these seemingly low-scale attacks, Iranian cyber forces have been responsible for the installation of malware and backdoors, including the infamous Shamoon worm that resulted in thousands of computers having their master boot record and data wiped. Shamoon was originally launched in 2016 by means of spear phishing emails that included a document with a malicious macro that, when executed, allowed for access and control through a remote PowerShell (Albano and Kessem). Although APT33 has not been directly tied to Shamoon, APT33 has employed DROPSHOT (a dropper) that is linked to SHAPESHIFT (also referred to as StoneDrill), malware capable of wiping disks and deleting large volumes of files, which closely resembles the most recent versions of Shamoon. However, DROPSHOT is well above Shamoon in sophistication, as it uses external scripts for self-deletion and memory injection for deployment (O'Leary et al.). DROPSHOT has also been used for the installation of TURNEDUP, a backdoor that was used for an array of attacks that were largely prominent in 2017. As such, the increase in password spraying and spear phishing attempts in October and November of 2019 indicates that the groundwork is possibly being laid for a larger-scale attack, most likely targeting industrial control systems in power grids and manufacturing facilities. Such attacks would serve the purpose of retaliation for the Trump administration's withdrawal from the 2015 nuclear deal, and for the blame that was placed on the Iranian government for the drone strikes on one of the largest oil processing facilities in September of 2019. After the attack in September, the United States launched a cyber strike on Iran, a strike that supposedly affected physical hardware (Ali and Stewart) and demonstrates the United States’ willingness to engage in such a cyberwar when physical attacks would prove to be too risky, choosing to inflict damage without human casualty.

As such attacks become more commonplace and the tension between the United States and Iran increases, the analysis and consideration of various defenses is crucial. As the threat of another Shamoon-level attack looms from Iranian forces, analysis of the first deployment of Shamoon provides insight into possible defensive measures that may be enacted by the United States. Foremost, password spraying efforts can be mitigated with stronger passwords, requirements that could be enforced by Microsoft and the IT departments of the various US national labs, manufacturing facilities, and aerospace/energy sector companies. DROPSHOT’s deployment was also contingent on the success of spear phishing that allowed for the downloading of documents with a malicious macro. In APT33’s earliest attacks employing distributed denial of service (DDoS) methods, rate limiting and locating data centers on different networks may have mitigated the effects of such attacks ("What Is A DDOS Attack & How To Protect Your Site Against One"). Overall, educating workers at targeted organizations (and the general public) on not downloading files from unknown sources (protecting against spear phishing) and on the importance of complex passwords would have easily stopped such attacks as in Stuxnet, Shamoon, DROPSHOT/SHAPESHIFT,